In considering new topics for blog posts, I came to realize that it may be interesting to spend a few posts discussing aspects of my home network. While I do not by any means consider my home infrastructure the Fort Knox of home network security, I would venture to say it is a little bit above and beyond the average home network. To start the series, I would like to talk about something very near and dear to my heart, Vulnerability Management. Several years ago, after progressing in my entry-level position as a State Police Information Security Officer, I was given a lateral promotion into a Vulnerability Management Coordinator (VMC) position within a large state government.

Due in no small part to the fact that I was still a little “wet behind the ears,” I was extremely dependent on tools in the early phases of my transition into the role of VMC. Thus, I am very selective when it comes to choosing the right vulnerability scanner, even in my home. Over the next two days I will be selecting a primary vulnerability scanner for my home network by researching industry-leading freeware/community/trial vulnerability management solutions. In particular, the following vulnerability scanners will be considered:

Tenable Nessus (Home Feed)

Rapid7 NeXpose (Community Edition)

SAINT

eEye Retina

My early prediction is that I will most likely decide on Rapid7's NeXpose CE. Rapid7 NeXpose is amazingly similar to their commercial product, which is rapidly making waves within the security market. Furthermore, NeXpose Community Edition really exceeds my needs despite coming at the low price of free. I think NeXpose will most likely be challenged by Nessus. Not too long ago I had written Nessus off as a rapidly declining vulnerability assessment platform. In fact, my disappointment with my once favorite vulnerability assessment platform was so upsetting to me that I even decided to produce a mock break-up letter with Nessus. Recent developments, however, are highly influential. Nessus now sports a beautiful user interface that is hosted server-side, thus breaking the client-server model that Nessus was previously dependent on. These contributing factors could eventually give Nessus a leg up on NeXpose, but that remains to be seen.